<?php
	include_once("db/UserDAO.inc");
	include_once("db/AuditLogs.inc");

	$user = new User();
	$user->uid = $_REQUEST["uid"];
	$user->username = $_REQUEST["username"];
	$user->password = $_REQUEST["password"];
	$user->firstName = $_REQUEST["firstName"];
	$user->surname = $_REQUEST["surname"];
	$user->accessLevel = $_REQUEST["accessLevel"];
	$user->ecno = $_REQUEST["ecno"];
	$user->shift = $_REQUEST["shift"];
	/*
	 * Check if the user name already exists.  If so, redirect back to the user add page with
	 * an error.
	 */
	if (User::getUserByName($user->username) != null && $user->uid == 0) {
		header("Location: ?action=editUser&error=userExists");
	} else {
		
		User::updateUser($user);
		if ($user->uid == 0) {
			AuditLogs::insertLog(User::getUser($_SESSION["uid"])->username, 'admin - add user',
				"Username='".addslashes($user->username)." FirstName='".addslashes($user->firstName)."' Surname='"
				.addslashes($user->surname)."' AccessLevel='".$user->accessLevel."' EC No='".addslashes($user->ecno).
				"' Shift='".$user->shift."'");
		} else {
			AuditLogs::insertLog(User::getUser($_SESSION["uid"])->username, 'admin - modifiy user',
				"ID='".$user->uid."' Username='".addslashes($user->username)." FirstName='".addslashes($user->firstName)."' Surname='"
				.addslashes($user->surname)."' AccessLevel='".$user->accessLevel."' EC No='".addslashes($user->ecno).
				"' Shift='".$user->shift."'");
		}
		
		
		header("Location: .");
	}
?>